In a continuing effort to make my hosting cloud more dynamic, I have had to become relatively creative with my Apache configurations so that my farm can remain relatively flexible with little or no reconfiguration on newly introduced servers. This presents a big problem when working with a multi-site Apache configuration, and an even bigger problem when SSL certificates are involved. As many of you probably already know, you need to have one network interface (virtual or physical) dedicated to a particular domain SSL certificate. It’s easy enough to grab a wildcard SSL certificate from GoDaddy and bind a single network interface to all subdomains, but when you have a farm configuration where you’re hosting multiple domains from the same web servers, then you’ll need to have a dedicated NIC for each wildcard domain SSL certificate. That’s ok, we can handle this by creating virtual NICs (eth0:1) and giving them their own IP address, and Apache is none the wiser. But, this is where our Apache configuration starts to become a problem. With Apache, we know that we can listen by IP address, but not by interface, so in order for us to keep a common configuration between all of the servers in our farm, we’ll need to figure out a way for it to be able to dynamically handle binding when the IP address is not statically defined. Continue reading »

© 2013 Dan's Blog Suffusion theme by Sayontan Sinha